Kaveh Moravej

Kaveh Moravej has extensive experience in the field of information security. Kaveh currently holds the position of Head of Information Security at Droit, where they are responsible for implementing and managing the ISO/IEC 27001 program and achieving certification. Additionally, they oversee the implementation of an application security and DevSecOps program, including the selection and implementation of new tools and alignment with OWASP SAMM. Kaveh also conducts penetration testing of web applications and infrastructure.

Prior to their current role, Kaveh worked as an Information Security Consultant at Aeon4 Security Ltd. Here, they performed network and web penetration testing across public and private networks. Kaveh also formalized security testing and assessments across cloud platforms such as AWS and Azure.

As a Senior Consultant at RAZORTHORN, Kaveh led and managed information security compliance programs, including PCI DSS, ISO/IEC 27001, GDPR, and Cyber Essentials. Kaveh also oversaw the development of penetration testing and technical assurance activities.

Earlier in their career, Kaveh worked as an Information Security Consultant at Unlike Minds Ltd. During this time, they designed and implemented information security and data privacy compliance regimes, including GDPR readiness. Kaveh also contributed to the development of emergency response plans, contingency plans, disaster recovery plans, and incident response exercise programs. Kaveh conducted research, analysis, and troubleshooting to identify and resolve complex security issues.

Overall, Kaveh Moravej has demonstrated expertise in information security, compliance, and penetration testing throughout their career.

Kaveh Moravej holds a Doctor of Philosophy - PhD degree from The University of Manchester. Additionally, they have obtained several certifications including Certified Information Security Manager® (CISM) from ISACA, Certified Information Systems Auditor® (CISA) from ISACA, Certified Professional Penetration Tester (eCPPT) from eLearnSecurity, Developing Secure Software (LFD121) from The Linux Foundation, and Offensive Security Certified Professional (OSCP) from Offensive Security. The specific years of obtaining these certifications were not provided.